Security 177 – Social Media and Privacy

 

Talk given on April 17th, 2018 at the East Brunswick Public Library on Security and privacy. We did a very introductory topic of what it means to share your data with social media services. We discussed what it means to assess risk, what Facebook has, how tracking and advertising works, and what to do moving forward. Again, this is very introductory.

Security 176 – More Facebook Fallout

We are talking part 2 of the Facebook mess

We are also quickly talking about:
https://stopsesta.org/#facts

https://www.eff.org/deeplinks/2018/03/secure-messaging-more-secure-mess

https://www.bleepingcomputer.com/news/security/drupal-fixes-drupalgeddon2-security-flaw-that-allows-hackers-to-take-over-sites/
.
https://www.eff.org/deeplinks/2018/02/cloud-act-dangerous-expansion-police-snooping-cross-border-data

https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.3

Security 153 – Certificate Revocation Lists

[editor note: Tom is awesome in this. Me, not so much. I completely misunderstood how this worked.]

So what happens when a certificate can no longer be trusted? How do you revoke trust, or the certificate?

https://arstechnica.com/security/2017/07/https-certificate-revocation-is-broken-and-its-time-for-some-new-tools/

We are going into the weeks before defcon, where news is sparse. We recommend joining our WhatsApp group. Tweet us, or comment for the link.

 

Security 130 – Unplug Your Toaster

We added a bitcoin link, in case you would like to donate:
btc:1Mg4NYfdaRi38BookVJNqKrEkDRUnv6R78

We discuss the massive DDOS attack on Dyn, a large internet DNS provider, that took out a large chunk of the Internet on Friday

Show Notes

https://community.rapid7.com/community/infosec/blog/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities

https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/

https://dyn.com/blog/dyn-statement-on-10212016-ddos-attack/